What this threat is
For most of the history of cybersecurity, conducting a sophisticated attack required real expertise. Writing malware that could evade detection, finding a previously unknown vulnerability in a software system, or crafting phishing emails convincing enough to fool trained employees, these were hard problems that took skilled people significant time to solve. AI is dismantling that barrier. Automated vulnerability discovery tools can scan codebases and network configurations at machine speed, surfacing weaknesses that would take human researchers weeks to find. AI-generated malware can adapt its own behavior in real time to slip past security tools trained on known attack patterns.
Large-scale phishing and social engineering are perhaps where the shift is most visible right now. Traditional phishing campaigns worked through volume, sending millions of generic, often badly written messages in hopes that some percentage of recipients would click. AI lets attackers generate highly personalized messages at the same scale, drawing on scraped data about targets to construct emails that reference real colleagues, real projects, and real professional contexts. The same technology that makes a marketing email feel personal can make a malicious one feel indistinguishable from a genuine communication.
Critical infrastructure presents a different and scarier dimension of this problem. Power grids, water treatment systems, hospital networks, air traffic control, and financial settlement infrastructure are all networked, and many run on software that was built before modern security standards existed. AI gives attackers a tool to probe these systems systematically and at scale, testing for misconfigured interfaces, legacy vulnerabilities, and points where operational technology meets the internet. The goal isn't always to break something. Sometimes it's to sit quietly inside a network for months, a problem the security industry calls "dwell time," building knowledge and positioning for a future action.
The dwell time problem is particularly acute with AI-assisted attacks. Human attackers operating inside a network generate noise. They make mistakes, move clumsily, and leave traces that security teams can eventually spot. AI systems that navigate a compromised network can be designed to move slowly and mimic legitimate traffic patterns, making detection far harder. By the time a breach is discovered, the attacker may have had access for long enough to have thoroughly mapped the target, exfiltrated valuable data, or positioned persistent backdoors that survive the initial remediation response.
Why it matters
The consequences of AI-enabled attacks on critical infrastructure go well beyond the immediate damage to the targeted system. Power grid failures cascade. When electricity goes down, so does water treatment, hospital backup power eventually runs out, fuel pumps stop working, and financial transaction systems go offline. A well-targeted attack on interconnected infrastructure can turn a localized disruption into a regional or national emergency within hours. The 2021 Colonial Pipeline ransomware attack, which used relatively conventional tools, demonstrated how quickly a single infrastructure compromise can affect fuel supplies across a wide region. AI-enabled attacks could achieve similar or greater disruption with less effort and less exposure for the attacker.
The attribution problem makes this significantly worse from a governance perspective. When a state or criminal group conducts a conventional military or criminal operation, there's usually some physical evidence connecting them to it. Cyber attacks are different, and AI-generated attacks can be designed to look like they came from somewhere else entirely. This isn't new to cybersecurity, but AI makes it easier to construct convincing false flags at scale, generating attack infrastructure and behavioral signatures that point in misleading directions. When you can't reliably identify who attacked you, deterrence becomes difficult and the risk of escalating a conflict based on misattribution becomes real.
There's also a democratization effect that cuts both ways. AI doesn't just help nation-state actors or sophisticated criminal organizations. It also lowers the barrier for smaller groups and individuals who previously lacked the technical skills to execute meaningful attacks. The range of actors who can cause serious damage expands significantly. At the same time, defenders benefit from many of the same tools, using AI to detect anomalies in network traffic, automate the analysis of security logs, and respond to incidents faster. But the evidence so far suggests that offense scales more easily than defense in this environment, because attackers only need to find one way in while defenders have to protect every surface.
Where things stand today
AI is already embedded in both sides of the cybersecurity landscape, and has been for several years. Defensive security products use machine learning to detect unusual behavior patterns, flag anomalous network traffic, and automate triage of the enormous volume of alerts that security operations centers generate. Offensive tools are less publicly documented, for obvious reasons, but security researchers have demonstrated AI-generated malware, AI-assisted vulnerability discovery, and AI-enhanced social engineering in controlled settings. The capabilities that exist in research environments today typically appear in real attacks within a few years.
The EU AI Act addresses cybersecurity in several ways, though not as a standalone topic. AI systems used in critical infrastructure are classified as high-risk, which means they're subject to mandatory risk assessments, documentation requirements, and human oversight obligations. The Act also requires that AI systems be designed with cybersecurity in mind, meaning they can't be easily compromised or manipulated in ways that would affect their outputs. These are meaningful requirements, but they address the security of AI systems themselves rather than the use of AI as an offensive weapon, which remains largely outside current regulatory frameworks.
International efforts to govern cyber conflict are limited and slow. The Budapest Convention on Cybercrime, now over two decades old, establishes norms around criminal behavior in cyberspace but doesn't directly address state-sponsored attacks or the use of AI. The UN Group of Governmental Experts has produced consensus documents affirming that international law applies to cyberspace, but without enforcement mechanisms, these remain aspirational. What's missing is any international agreement on what constitutes an act of war in cyberspace, what attacks on critical infrastructure are prohibited, and how attribution disputes should be resolved. The governance gap between the pace of AI-enabled offensive capability development and the pace of international norm-building is significant and growing.
How Better Societies helps
Compliance: The EU AI Act's security requirements for high-risk AI systems are detailed and technically demanding. If your organization uses AI in or adjacent to critical infrastructure, our compliance programs help you understand what's required, conduct the necessary risk assessments, and build the documentation and oversight processes that the regulation mandates. We also help you think through how AI tools your organization relies on might themselves become attack surfaces.
Summit: Effective responses to AI-enabled cyber threats require coordination across sectors that don't normally talk to each other: security researchers, infrastructure operators, policymakers, and international governance bodies. The Better Societies Summit brings these communities together to build shared understanding and drive the kind of cross-sector norms that no single organization can establish alone.
Accelerator: Some of the most promising work on defensive AI tools is coming from founders and researchers building outside the established security industry. If you're building AI-powered threat detection, attribution tools, automated incident response systems, or security solutions for under-protected critical infrastructure sectors, the Better Societies Accelerator is designed to help you move faster and connect with the people who need your work.